Here's my notes. All are nits/editorial. This is a very good document, nice work!
Overall -- should it point out that "revocation" in the sense of CRL's doesn't work in web pki? I know you say it includes things like blacklists and crlsets (rightfully, without using that browser-specific term) Overall -- should we say user-agent, not browser? P3/bottom: Love the definition of the term bogus :) On next para (p4) need to say "use the term erroneous here"? P4/bottom: SCT isn't defined before used. P5/middle: MMD and STH not defined before used? P6: Fig 1 is a tour de force P8/middle: remove the <want to list... phrase. P8/middle: change "to present the forged" to "so that it can present the forged" ? P8/bottom: Why use single quotes here, but double-quotes in previous words (e.g., bogus)? Perhaps add a sentence explaining that the malicious term is being used, even when the CA is forced to act under duress? p10/top: single quotes around fake, And extra close-paren at end of sec 3.1.1.2 p10/middle: brings up general point that too much important text is put in parenthesis :) p13/top: Add "For example, the CA could make excuses..." p14/middle: Remove parens around "(legitimate)" p14/bottom: Move the "we refer" to p4 as noted above? P15: Don’t get why those three paragraphs are set off as list items? p15/bottom: The "Bottom line:" needs to be put into prose :) p19: These are VERY IMPORTANT QUESTIONS. Should we have (tentative?) answers? Rest is fine. No nits. _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
